June 14, 2005

Brand Name Survey Scams

I must have the likely suspects of "survey" spammers in my spam filters because it's now rare that I get to see the contents of the messages (they get trashed on the server after logging the Subject: line). But one slipped through the filters today, reminding me about how dastardly these liars are.

This one's Subject: line would attract the attention of any chocoholic:

Hershey bar Survey: Milk Chocolate vs. Dark

The From: field read:

Hershey's Survey

Whenever I see a respected brand name hurled about in an email message Subject: or From: line, my scam radar goes into high-sensitivity mode. Therefore, rather than rush to open and view the message, I check out the source code first.

The originator of this message identified himself as a domain whose name contained the word "offer." That the message did not originate from a Hershey's server is not alarming. It's not uncommon for big companies to contract outside services for market research.

But then I did a little digging on the domain name. A distinctive stench began to waft my way. The telephone and FAX numbers of the registrant were—and I'm not afraid of revealing too much by publishing the numbers here—+1.5555555555. Veteran U.S. film and TV watchers know that the 555 telephone prefix is reserved by phone companies in every area code as a non-working prefix for use in offline demonstrations, movies, and what-not. That's to prevent film buffs and whackos from dialing a number mentioned in a movie to see who answers (usually some little old lady who eventually has to change her number).

The name of the registrant or contact email address had no match to the "offer" domain name, although the word "media" appears in the company name (by now you're probably getting the picture). Moreover, the Chicago street address turns out to be a UPS (formerly Mailboxes etc.) store.

My question is, therefore, would a company, such as The Hershey Company, hire a firm: a) whose mailing address is a personal mailbox at a UPS store; b) who provides bogus domain registration info; and c) mails from a nondescript domain that is not quite one month old?

Looking into the message body, I find some additional disturbing things. Like the fact that viewing the message in a regular HTML email window loads several images from two other domains, each image URL containing an affiliate ID. Thus, each view of the message may earn brownie points or cents for the sender.

The clickable links also are coded with a hairy identification number of some kind (divided into four segments). The number is certainly long enough to correspond to my email address entry in the sender's database, while the other numbers could identify the message to help the sender know which version of the pitch I'd be responding to.

There is little plain-view text in the message. I presume most of the come-on is in the images—which I won't download or view. But the text I do see invites me to click to learn more about 10 pounds of complimentary chocolate or a $50 restaurant gift card. Hmm, they don't say it's Hershey's chocolate. Nor do they say that I'd definitely get one of these things for clicking "there." With such a great risk of confirming my address to the sender, I won't click the link to see where it leads.

(I don't know what kind of information the survey asks of its participants, but the lure of ten pounds of chocolate may be enough to pry some sensitive data. According to a BBC News article, 70% of surveyed Liverpool, England commuters were willing to divulge their computer passwords for a mere bar of chocolate. For ten pounds of chocolate, they'd probably hand over their first-born children.)

I tried contacting Hershey's to see if this survey is legitimate, and whether this message was a proper use of the company's trademark (there were no trademark assertions in the text portion of the message). Unfortunately, too many Big Companies make it nearly impossible for Joe Average to get in touch with anyone who can dish out the straight poop.

(About a year ago, I got a survey mailing that claimed to be from the Wall Street Journal—I'm a subscriber. Treating the message with the same "radioactive waste" care described here, I did get in contact with someone at the Journal who confirmed that the survey was legitimate and under contract to Dow Jones. But she also noted that in my subscription details, I had asked not to be contacted. That I received the survey request was a mistake, and to compensate me for my troubles, she extended my subscription by several months. I thought that was pretty classy.)

Call me suspicious, but I strongly doubt that this message links to a Hershey's-sponsored survey. Instead, it's most likely a scam to collect your email address and perhaps some other demographic data that will be sold to others as a "targeted" email address. The address will be current (or, as one bulk email marketer called them in email messages collected by court subpoena, "freshies"), and will become a valuable asset to this spammer. You'll reap the benefit of even more spam to that address—long after the zits from eating ten pounds of chocolate have receded (as if you'd actually get the chocolate).